forked from Minki/linux
mqueue: revert bump up DFLT_*MAX
Mqueue limitation is slightly naieve parameter likes other ipcs because unprivileged user can consume kernel memory by using ipcs. Thus, too aggressive raise bring us security issue. Example, current setting allow evil unprivileged user use 256GB (= 256 * 1024 * 1024*1024) and it's enough large to system will belome unresponsive. Don't do that. Instead, every admin should adjust the knobs for their own systems. Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Acked-by: Doug Ledford <dledford@redhat.com> Acked-by: Joe Korty <joe.korty@ccur.com> Cc: Amerigo Wang <amwang@redhat.com> Acked-by: Serge E. Hallyn <serue@us.ibm.com> Cc: Jiri Slaby <jslaby@suse.cz> Cc: Manfred Spraul <manfred@colorfullife.com> Cc: Dave Hansen <haveblue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
5b5c4d1a14
commit
e6315bb154
@ -118,12 +118,12 @@ extern int mq_init_ns(struct ipc_namespace *ns);
|
||||
#define DFLT_QUEUESMAX 256
|
||||
#define HARD_QUEUESMAX 1024
|
||||
#define MIN_MSGMAX 1
|
||||
#define DFLT_MSG 64U
|
||||
#define DFLT_MSGMAX 1024
|
||||
#define DFLT_MSG 10U
|
||||
#define DFLT_MSGMAX 10
|
||||
#define HARD_MSGMAX 65536
|
||||
#define MIN_MSGSIZEMAX 128
|
||||
#define DFLT_MSGSIZE 8192U
|
||||
#define DFLT_MSGSIZEMAX (1024*1024)
|
||||
#define DFLT_MSGSIZEMAX 8192
|
||||
#define HARD_MSGSIZEMAX (16*1024*1024)
|
||||
#else
|
||||
static inline int mq_init_ns(struct ipc_namespace *ns) { return 0; }
|
||||
|
Loading…
Reference in New Issue
Block a user